{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T23:03:42.945","vulnerabilities":[{"cve":{"id":"CVE-2025-27028","sourceIdentifier":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","published":"2025-07-09T09:15:26.850","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash)."},{"lang":"es","value":"El usuario sin privilegios de Linux vpuser en Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) puede leer todo el contenido del sistema de archivos, incluidos los archivos que pertenecen a otros usuarios y que tienen acceso restringido (como, por ejemplo, el hash de la contraseña root)."}],"metrics":{"cvssMetricV31":[{"source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}]},"weaknesses":[{"source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27028","source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"}]}}]}